@poppinss/hash

Password hashing

Module to hash values with support for PHC string format

This module is used by AdonisJs to hash user password with first class support for upgrading logic. A big thanks to the author of uphash, who inspired me to use PHC string format. I would have used uphash directly, but the user facing API is different from what I desire.

Table of contents

• Features
• Usage
• Switching drivers
• Adding custom drivers
• API Docs
• Maintainers

Features

1. Support for multiple hashing algorithms.
2. Option to extend and add your own hashing algorithms.
3. Wraps the hash output to a PHC string format, this allows upgrading user passwords, when the underlying configuration changes.

Usage

The bcrypt driver doesn't work with Node v12 yet. We are waiting for bcrypt open issues to get fixed.

Install the package from npm registry as follows:

npm i @poppinss/hash

# yarn
yarn add @poppinss/hash

and then use it as follows:

import { Hash } from '@poppinss/hash'
const hash = new Hash(iocContainer, config)

const hashedValue = await hash.hash('password')
await hash.verify(hashedValue)

await hash.needsRehash(hashedValue) // false

Switching drivers

You can switch drivers using the driver method.

import { Hash } from '@poppinss/hash'
const hash = new Hash(iocContainer, config)

await hash.driver('bcrypt').hash('password')

Adding custom drivers

The custom drivers can be added using the extend method.

import { Hash, HashDriverContract } from '@poppinss/hash'
const hash = new Hash(iocContainer, config)

class Scrypt implements HashDriverContract {}

hash.extend('scrypt', (container) => {
  return new Scrypt()
})

API Docs

Following are the autogenerated files via Typedoc

• API

Maintainers

Harminder virk